Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    14/05/2024, 16:14

General

  • Target

    42200fd3fb2e22c8a5501586b31446b7_JaffaCakes118.pdf

  • Size

    41KB

  • MD5

    42200fd3fb2e22c8a5501586b31446b7

  • SHA1

    a1590a20e8d396619bae77a3fff32ef13f370391

  • SHA256

    c8a3cd88326aad9825d71835a8ca6d240713327577161c3940db0bbc05136da2

  • SHA512

    c1dca8f02e4fe7823a992fced5282a8d6a7ef2da1ae60cb0fe2a4f371cc58e3a4bdcc7035b9533753cc54ba8fe032a1e6758b79e733a927e58e3caf930c544cf

  • SSDEEP

    768:68hnmcdn6JCu7PX4vDiv+oQnVji51ePGV3G9mWuSDQgaWFi2TJWbm1L/CLaZUny/:68UVJdrOMUVji51ePGV3G9mWuSDQgaWz

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\42200fd3fb2e22c8a5501586b31446b7_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2436

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    05d104c6bae27d0e4146e1708a4065eb

    SHA1

    e339e2f0e500290cd14da9cbfcfcbe0c90c5ae3e

    SHA256

    336f60aef42c1fc121b0c81620673d06076b9b9ddc06be4f682537a2cda0900d

    SHA512

    d49901c8f0510f1d7719d39f94720ffb09e87ed086280806f13b41b0b7f2d5579a0d596870427ebd2e2c5c6583d968503a68d94025620b89f2d84de03c20ca01